Search This Blog

Matt's Blog

Posts

Every time I have to configure a new instance of IntelliJ I have to hunt for these settings to ensure that inspections catch possible NPEs to code annotated with @NotNull, so I'm writing the steps here,

Hi. My name is Matt, and I have pull-request-criticism-ophobia. I die a little inside every time someone tells me what I noob I have been when writing code.

I am also a Java 8 developer, and have developed an interest in functional programing. One day I found the Optional class, and my life has been a living hell ever since. Here's why.

I was tasked to write the following code:The method must convert an object of type ObjectA to an object of type ObjectDThe conversion will be done via a number of service objects that will do the hard work of converting ObjectA to ObjectB, ObjectB to ObjectC, and ObjectC to ObjectD.These services do not throw exceptions, or throw only runtime exceptions.These services return a mixture of null or empty Optional objects to indicate that no conversion could take place.The method should return an empty Optional if the supplied ObjectA was null, or if any conversion returns null or an empty Optional.
Because I have read no less than 3 blog posts on Mona…

If you have ever run into “ssl_error_no_cypher_overlap” errors trying to configure Wildfly to use HTTP then you have probably cursed the lack of decent documentation for configuring Wildfly now that browsers have disabled a lot of insecure SSL cyphers. This is how I got around the problem.

First you need a self signed key. This can be created with the command:

The following instructions show you how to configure Keycloak with Windows AD in order to use Kerberos authentication.
Assumptions The Kerberos realm is VIRTUAL.LOCALThe hostname used to access Keycloak is virtual.local. This just means we are running Keycloak on the domain controller. In production virtual.local will be replaced with something like keycloak.dev.virtual.local or something like that, giving you a SPN of HTTP/keycloak.dev.virtual.local@VIRTUAL.LOCAL
ConfigurationCreate a windows domain account called Keycloak.Run the following command to assign a SPN to the user and generate a keytab file:ktpass -out keycloak.keytab -princ HTTP/virtual.local@VIRTUAL.LOCAL -mapUser Keycloak@VIRTUAL.LOCAL -pass password1! -kvno 0 -ptype KRB5_NT_PRINCIPAL -crypto RC4-HMAC-NTVerify the SPN has been assigned to the user with the command:setspn -l KeycloakConfigure the LDAP settings in Keycloak like this. Since we are running Keycloak on the domain controller, we reference LDAP via the local …

So it is official. As an internet user in the great country of Australia my actions online are now tracked and recorded by the government. And that doesn't sit so well with me.

But rather than complain, I decided to take action and install an Asus RT-N66U router as the gateway on my home network. The router had generally positive reviews online, but I was mostly interested in the fact that it supported third party firmware, like the popular ones provided by a developer calling himself Merlin.

One of the big benefits provided by third party firmware releases is that you get early access to some cool new features. One such feature that caught my eye was the introduction of Tor into the router.

I have used Tor sporadically in the past. While I have to commend the Tor developers for making it easy to install Tor and browse anonymously, the reality is that running an additional piece of software was kind of a pain. It was a mental jump to go from "always online" to "firs…

Cross Site Scripting, or XSS, is a fairly common vector used to attack web sites. It involves user generated code being redisplayed by a website with all the privileges and security rights that a browser assigns to code originating from the current host. If the user code is something like <script>doEvil();</script>, then you have a problem.

The library being demonstrated here is based off the ideas presented in that article, but fleshed out to be more flexible and easy to deploy. We call this library the (unimaginatively named) Parameter Validation Filter, or PVF.

PVF is implemented as a Servlet filter that intercepts requests to web pages, runs submitted parameters through a configurable sequence of validati…